Security Architect jobs in Monterey Park, CA

Job DescriptionDescription: Aspire General Insurance Company and its affiliated general agent, Aspire General Insurance Services, are on a mission to deliver affordable specialty auto coverage to drivers without compromising outstanding service. Our company values can best be described with ABLE: to always do the right thing, be yourself, learn and evolve, and execute. Join our team where every individual takes pride in driving their role for shared success. JOB SUMMARY: Aspire General Insurance, a leader in non-standard auto insurance, is seeking a hands-on and strategic Director of Information Security to develop, implement, and maintain the company's information security program. This role is responsible for protecting sensitive customer data, ensuring compliance with regulatory standards, and strengthening our overall cyber risk posture in a cloud-native, AI-enabled environment. Key Responsibilities: Develop and lead the enterprise-wide information security strategy, including governance, risk management, threat detection, and incident response. Manage and mature security operations, vulnerability management, and access controls. Own compliance with regulatory frameworks (e.g., NAIC Model Law, GLBA, PCI-DSS, SOC 2) relevant to the insurance industry. Collaborate with IT, legal, and claims teams to embed security into infrastructure, applications, and third-party vendor relationships. Oversee risk assessments, penetration testing, and security audits; prioritize and remediate findings. Lead response to security incidents, including detection, containment, communication, and recovery. Evaluate and implement modern security technologies, particularly in cloud environments (e.g., Azure security tools). Educate employees on security awareness and develop policies for secure use of systems and data. Supervise and grow a small but high-performing InfoSec team and contractors. Requirements: Qualifications: 8+ years in information security roles, with at least 3 years in a leadership capacity. Deep knowledge of cybersecurity principles, risk frameworks, and regulatory requirements. Experience with cloud security (AWS or Azure), identity and access management (IAM), SIEM tools, endpoint protection, and zero trust architectures. Track record of managing security programs in regulated industries such as financial services or insurance. Familiarity with third-party risk management and secure SDLC practices. Excellent communication and incident-handling skills. Knowledge of SOC 2, ISO 27001, and/or NIST frameworks. Bachelor's degree in Information Security, Computer Science, or related field (CISSP, CISM, or similar certification strongly preferred). Preferred Experience: Experience working with or securing AI/ML platforms and data pipelines. Experience with security considerations in insurance claims and policy systems (e.g., PII, policy documents). Benefits: Medical, Dental, Vision, HSA*, PTO, 401k, Company Observed Holidays Individuals seeking employment at Aspire General Insurance Services LLC are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation in accordance with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements. *Dependent on plan selected

Company Information For more than 20 years, AEG has played a pivotal role in transforming sports and live entertainment. Annually, we host more than 160 million guests, promote more than 10,000 shows and present more than 22,000 events around the world. We are committed to innovation, artistry, and community, and leverage the power of our 300+ venues, leading sports franchises, marquee music brands, integrated entertainment districts, premier ticketing platform and global sponsorship activations, to create memorable moments that give the world reason to cheer. Our business is interwoven with the human mind and heart, and we strive to build a diverse and inclusive company that reflects the artists, athletes, and fans that we host; reach beyond traditional boundaries to support the communities in which we operate; and minimize our impact on the environment by adopting sustainable practices throughout our business operations. If you want to be challenged to up your game and make a difference, then join us in giving the world reason to cheer! Job Summary The Enterprise Security Architect (SA) is responsible for designing and implementing secure architectures that align with business objectives and reduce risk, reporting directly to the Chief Information Security Officer (CISO). This role collaborates across functions-including Global Enterprise Services, Infrastructure, Application Development, Legal, Compliance, and Security Operations-to embed security standards into enterprise technology solutions. Essential Functions Secure Architecture Design: Define and maintain enterprise-wide security architecture standards and blueprints across infrastructure, cloud, endpoint, and application layers. Ensure solutions are securely designed and aligned with business goals, regulatory requirements, and the CISO's strategic objectives. Solution Reviews and Advisory: Provide expert guidance during solution design and implementation. Lead threat modeling, architecture reviews, and risk assessments as part of technical intake and governance processes. Cross-Functional Engagement: Serve as the security subject matter expert within project teams. Partner with Global Enterprise Services, Infrastructure, Application Development, and PMO to ensure secure integration and alignment of technical requirements. Security Standards and Frameworks: Develop and maintain reference architectures, secure configuration standards, and solution patterns. Ensure consistency with frameworks such as NIST, PCI-DSS, ISO 27001, and GDPR. Cloud and SaaS Security Enablement: Lead secure design of cloud-native and SaaS platforms, including IaaS and PaaS. Collaborate with Cloud Engineering and DevOps to implement secure-by-design deployment practices. Innovation and Strategic Foresight: Stay ahead of evolving threats and technology trends. Contribute to the long-term security architecture roadmap by identifying opportunities to improve the organization's security posture. Required Qualifications BA/BS Degree (4-year) Computer Science, Cybersecurity, Engineering, Information Systems, or related field. Master's degree or advanced certifications preferred. 10+ years experience in IT and/or cybersecurity, with at least 5 years in a security architecture or engineering role. Proven ability to design secure enterprise systems and integrations across on-prem, cloud, and hybrid environments. Experience with identity and access management, network segmentation, encryption, logging/monitoring, and secure SDLC. Strong understanding of architectural frameworks (SABSA, TOGAF, or similar) and secure design methodologies. Experience conducting architecture risk assessments, threat modeling, and security reviews of enterprise systems. Expert-level knowledge of security technologies including firewalls, web application firewalls (WAFs), identity and access management (IAM), endpoint protection, cloud-native security controls, and SIEM/SOAR platforms. Strong familiarity with modern IT and application architectures, including public cloud platforms (AWS, Azure, GCP), containerization (e.g., Docker, Kubernetes), and DevOps/CI-CD pipelines. Proven ability to assess complex technical environments, conduct threat modeling, and deliver actionable risk mitigation strategies. Exceptional communication skills, with the ability to clearly articulate technical risks and solutions to both technical and non-technical stakeholders. Demonstrated ability to influence and collaborate across Security, IT, Legal, Compliance, and business units in a matrixed environment. Proficient in architecture modeling and documentation tools such as Lucidchart, Visio, and Confluence, with an emphasis on clarity and reusability. Strategic mindset with a hands-on approach; able to navigate between high-level architectural vision and detailed implementation considerations in fast-paced, evolving environments. Relevant certifications such as CISSP, SABSA, CCSP, AWS/Azure Security Certifications, or equivalent highly preferred. Pay Scale: $164,794 - $224,719 Bonus: This position is eligible for a bonus under the current bonus plan requirements. Benefits: Full-time: We offer a comprehensive benefits package that includes: medical, dental and vision insurance, paid holidays, vacation and sick time, company paid basic life insurance, voluntary life insurance, parental leave, 401k Plan (with a current employer match of 3%), flexible spending and health savings account options, and wellness offerings. AEG reserves the right to change or modify the employee's job description whether orally or in writing, at any time during the employment relationship. AEG may require an employee to perform duties outside their normal description.

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined efforts mean that our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman is seeking a **Senior Principal/Principal** **Industrial Security Analyst** to join our team in **Northridge, CA as a Contract Program Security Officer (CPSO).** **_This position requires the selected candidate to be on-site._** **Responsibilities:** + Develops, and administers security programs and procedures for classified or proprietary materials, documents, and equipment. + Studies and implements federal security regulations that apply to company operations. + Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies. Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials. + Conducts security education classes and security audits. Investigate security violations and prepare reports specifying preventive action to be taken. + The CPSO (Contractor Program Security Officer) will lead Security Operations for multiple Special Access Programs (SAP). **Principal Industrial Security Analyst** (Level 3) **:** **Basic Qualifications:** + High school diploma and 8 plus years of SAP Security experience; or 5 plus years of SAP Security with a bachelor's degree; or 3 plus years SAP Security experience with a master's degree. + Fully proficient and knowledgeable with the Department of Defense Manual 5205.07 Vol 1-4; National Industrial Security Program Operating Manual (NISPOM), Department of Defense (DoD) Manual (DoDM) 5205.07, Volume 1, DoD Special Access Program (SAP) Security Manual; General Procedures, 18 June 2015, Incorporating Change 1, Effective 12 February 2018 DoDM 5205.07, Volume 2, DoD Special Access Program (SAP) Security Manual. + Proficient in Communications Security (COMSEC) Manual NSA/CSS 3-16, Director of National Intelligence (DNI), Intelligence Community Directives (ICDs), program specific Program Security Directives (PSD) and associated corporate and government policies and directives. + Organized and efficient with time management + Computer and desktop Microsoft Office software products experience (Word, Excel etc.) + Detail-oriented, have meticulous record-keeping, and be responsible for accurate data input into multiple databases/spreadsheets + Current DOD **Secret** clearance which has been adjudicated in the past 5 years + Must be able to obtain program access(es) required for the position within a reasonable period of time of hire **Senior Principal Industrial Security Analyst** (Level 4) **:** **Basic Qualifications:** + High school diploma and 10 plus years of SAP Security experience; or 6 plus years of SAP Security with a bachelor's degree; or 4 plus years SAP Security experience with a master's degree. + Fully proficient knowledge of a strong security program in compliance with the Department of Defense Manual 5205.07 Vol 1-4; National Industrial Security Program Operating Manual (NISPOM), Department of Defense (DoD) Manual (DoDM) 5205.07, Volume 1, DoD Special Access Program (SAP) Security Manual; General Procedures, 18 June 2015, Incorporating Change 1, Effective 12 February 2018 DoDM 5205.07, Volume 2, DoD Special Access Program (SAP) Security Manual. + Proficient in Communications Security (COMSEC) Manual NSA/CSS 3-16, Director of National Intelligence (DNI), Intelligence Community Directives (ICDs), program specific Program Security Directives (PSD) and associated corporate and government policies and directives + Organized and efficient with time management + Computer and desktop Microsoft Office software products experience (Word, Excel etc.) + Detail-oriented, have meticulous record-keeping, and be responsible for accurate data input into multiple databases/spreadsheets + Current DOD **Secret** clearance adjudicated within the past 5 years + Must be able to obtain program access(es) required for the position within a reasonable period of time of hire **Preferred Qualifications:** + Contractor Program Security Officer (CPSO) experience + Self-starter with minimal supervision + ICD 704 eligibility in DISS + Experience/familiarity with ICD 705 requirements + Personnel and Program Security Experience + Ability to display tact, discretion, and diplomacy in a variety of program areas + Ability to excel in a fast-paced, deadline-driven environment + Excellent communication, speaking, writing, and organizational skills to enable effective communication + Experience with SIMS, DISS, and JADE + Counterintelligence, Insider Threat and OPSEC program experience + Current and working knowledge of the DoD and Intelligence Community + Current DOD **Top** **Secret** clearance adjudicated within the past 5 years Salary Range: $91,200.00 - $136,800.00Salary Range 2: $113,500.00 - $170,300.00 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Apply (***************************************** Id=1436930) + Alternate LocationSeattle, WA, Los Angeles, CA, Western states, U.S. + Area of InterestEngineer - Pre Sales and Product Management + Compensation Range237500 USD - 303000 USD + Job TypeProfessional + Technology InterestSecurity + Job Id1436930 **The application window is expected to close on: June 25, 2025** **Job posting may be removed earlier if the position is filled or if a sufficient number of applications are received.** **Location: Bay Area, CA, Los Angeles, CA, Portland, Oregon, Seattle, Western states, U.S.** **Travel is required and this position is home office based.** **Meet The Team** As a Solution Engineer within Cisco's Global Security Sales Organization (GSSO), you will play a critical role in driving large enterprise deals. This role is 100% focused on driving specific customer opportunities. You will be assigned a set of strategic accounts and will be responsible for creating and driving 8-figure deals within those accounts. Specifically, your focus will be on Hybrid Mesh Firewall and Segmentation opportunities across on-prem, hybrid, and public cloud environments. The core function of this role is **pre-sales revenue-generating activity** . This role requires a solid understanding of customer value drivers related to network security for modern platform architectures and the related security trends and market landscape. You will apply a hunting mentality to generate pipeline and revenue with a thoughtful go-to-market strategy for new and existing Cisco Security customers. At Cisco, we believe that impactful work is rewarding work and that our team is at its best when everyone feels empowered to bring their whole self to work. We learn together by hiring for cultural contribution, not cultural fit, and recognize that diversity in background and thought are essential to building high-impact teams. We invest in growth and learning opportunities and encourage our people to never stop learning. We foster collaboration and believe in being recognized (and rewarded!) for hard work. We champion a healthy work-life balance and together we build for the future by designing simple solutions for complex problems. And that's why we're the most loved and trusted name in security. **Your Impact** You are responsible for driving market success and adoption of Cisco's Hybrid Mesh Firewall and Zero Trust Segmentation solutions. This is a highly visible technical (pre-sales) position that supports the Product and Engineering Business Units, Sales and Field Engineering organizations, working directly with each of them, our partners, and prospective customers. You will conduct technical presentations, demonstrations, workshops, PoV's to explain features and benefits to customers. You will form relationships with our customer's key decision-makers, positioning Cisco solutions aligned precisely to their requirements. As an advisor to the customer, you will craft architectures and configure products to meet their specific needs and be prepared to lead all technical aspects of pre-sales activities through to a successful deployment of our incubated technologies. You must be highly accomplished in the areas of application security concepts, cloud security concepts, and more specifically the entire Cloud Application Security Development and Deployment lifecycle. You will possess skills across data center networking, firewalls, Application and Network Segmentation strategies (Macro & Micro), Container Security and Orchestration platforms. Additionally, you will need knowledge of and to keep up to date on networking and software enablement, API's and Network Programmability. You will work with a variety of technologies and will therefore need strong cross-functional collaboration and consultative skills. The capacity to demonstrate technical solutions and capabilities effectively and conduct multi-architectural Proof-of-Value (POV) tests is a must. - You are a self-starter, will act as an industry domain expert, and strive to help Cisco make customers for life - Act as the highest field escalation resource for the SE team and potential prospects for technical product questions, demos, trials / POVs, and pre-sale customer issues during the sales cycle. - Deliver technical presentations along with sales staff via web conferencing or in-field to prospective C-level audience and technical decision makers. - Be available as a competitive expert to assist with product positioning and customer opportunity success - Provide essential input and responses to assist with major RFIs / RFPs. - Assist with delivery and GTM of new product features as they are introduced. - Participate in formal Early Adoption and Private Preview programs to thoroughly test new technologies, providing feedback to Product and Engineering teams. - Evangelize to and enable the wider Cisco SE and Partner SE teams across the region. - Work directly with Product Management as a liaison to accounts around technical product requirements and to help provide customer feedback with the goal of enabling continuous improvement of Cisco's offerings in this space - Effectively interact with internal engineering teams to scope and provide solutions to complex technical issues for highly visible customer and market opportunities. - Assist in the development of GTM tools such as Demos, Workshops, Trial and POV best practices by creating content, giving demos and running labs in support of various events (internal, partner, customer). **Minimum Qualifications:** - 5+ years of technical experience as a pre-sales engineer, network operations support, or application engineering role. - 5+ years of enterprise pre-sales experience working directly with network, cloud security and/or micro-segmentation products in a customer-facing role. - Have a solid mastery of LAN, WAN, Cloud Security (L4-L7, FWaaS, IPS, DNS Security, VPN etc.) technologies **Preferred Qualifications:** - Understanding of competitive products such as Palo Alto Networks and Fortinet, VMware, Illumio, Guardicore (Akamai) Networks; ability to articulate Cisco differentiators. - Strong knowledge of cloud computing platforms (e.g., AWS, Azure, GCP) and container technologies (e.g., Kubernetes, Docker). - Deep understanding and familiarity with competing market-leading micro-segmentation products - Strong understanding of networking protocols and technologies, including switching, routing, and security. - Familiarity with security principles related to microservices architecture and serverless computing. - Passion for customer satisfaction and delivering results, even when faced with nuanced and difficult situations. - A self-starter with a positive attitude and friendly outgoing personality. - Strong written and email etiquette skill. - Strong oral interpersonal skills, including the ability to present technical information in user-friendly language. - Ability to prioritize and work responsibly with or without direct supervision. **\#WeAreCisco** \#WeAreCisco where every individual brings their unique skills and perspectives together to pursue our purpose of powering an inclusive future for all. Our passion is connection-we celebrate our employees' diverse set of backgrounds and focus on unlocking potential. Cisconians often experience one company, many careers where learning and development are encouraged and supported at every stage. Our technology, tools, and culture pioneered hybrid work trends, allowing all to not only give their best, but be their best. We understand our outstanding opportunity to bring communities together and at the heart of that is our people. One-third of Cisconians collaborate in our 30 employee resource organizations, called Inclusive Communities, to connect, nurture belonging, learn to be informed allies, and make a difference. Dedicated paid time off to volunteer-80 hours each year-allows us to give back to causes we are passionate about, and nearly 86% do! Our purpose, driven by our people, is what makes us the worldwide leader in technology that powers the internet. Helping our customers reimagine their applications, secure their enterprise, transform their infrastructure, and meet their sustainability goals is what we do best. Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation Pay range depends upon U.S. state **Message to applicants applying to work in the U.S. and/or Canada:** When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. and/or Canada locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. or Canada hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process. U.S. employees haveaccess (********************************************************************************* to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday (for non-exempt employees), plus a day off for their birthday. Non-Exempt new hires accrue up to 16 days of vacation time off each year, at a rate of 4.92 hours per pay period. Exempt new hires participate in Cisco's flexible Vacation Time Off policy, which does not place a defined limit on how much vacation time eligible employees may use, but is subject to availability and some business limitations. All new hires are eligible for Sick Time Off subject to Cisco's Sick Time Off Policy and will have eighty (80) hours of sick time off provided on their hire date and on January 1st of each year thereafter. Up to 80 hours of unused sick time will be carried forward from one calendar year to the next such that the maximum number of sick time hours an employee may have available is 160 hours. Employees in Illinois have a unique time off program designed specifically with local requirements in mind. All employees also have access to paid time away to deal with critical or emergency issues. We offer additional paid time to volunteer and give back to the community. Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco typically pays as follows: .75% of incentive target for each 1% of revenue attainment up to 50% of quota; 1.5% of incentive target for each 1% of attainment between 50% and 75%; 1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid. Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.

The Cloud Security Architect is responsible for ensuring that cloud-based data and information systems are protected from cybersecurity threats. This person works closely with related teams and associated IT organizations as the subject matter expert for cloud-based data protection solutions. From project planning to the full lifecycle of a cloud solution, including retirement, the Cloud Security Architect is involved. Additionally, this architect aligns cloud security strategies with global security frameworks. Principal Duties First Priority (20%) Oversees the development and deployment of cloud business solutions that safeguard private company information in cloud environments (such as AWS, Azure, etc.). Second Priority (20%) Identifies security flaws and offers solutions by conducting routine security audits and assessments on cloud infrastructures. Third Priority (20%) Ensures that cloud security controls and compliance procedures are implemented in accordance with industry best practices, local and international guidelines, and legal requirements (such as CPRA, HIPAA, ISO 27001:2022, etc.). Fourth Priority (20%) Investigates security threats and incidents related to the cloud environment and produces detailed reports. Leads relevant team members and partners to a resolution and, when necessary, makes recommendations for solutions to senior leadership. Fifth Priority (10%) Keeps up to date on industry best practices, laws, and the latest developments in cloud security technologies. Regularly updates cloud security plans, architecture, threats, vulnerabilities, and mitigation strategies to ensure technology and policies remain current. Sixth Priority (10%) Communicates information security issues with partners and key stakeholders across business divisions. Certification and Education A bachelor's degree in information technology, computer science, or a related field is required. Preferred certifications include AWS Certified Security Specialty and Certified Cloud Security Professional (CCSP). Total Experience 7+ years of IT security expertise, with at least 3 years dedicated to cloud security. Relevant Experience Strong expertise in Microsoft security tools, including MS Defender, Azure Security Center, and Azure Sentinel, as well as O365 and Azure cloud services. Expert-level knowledge of cloud security frameworks such as AWS, Azure, and Google Cloud. Experience implementing security standards such as NIST, ISO 27001, and CIS Top 18 is highly desirable. Hands-on expertise with cloud security tools and technologies, including identity management, network security, and encryption. Prior experience working in large, ideally multinational organizations is a plus. Additional Requirements Proactive, self-driven, and capable of leading multiple initiatives simultaneously. Occasional domestic or international travel may be required. Ability to perform additional duties as assigned. Key Skills and Abilities Strong ability to analyze technical structures, identify security vulnerabilities, and implement corrective measures. Expertise in log data analytics, incident classification, intrusion detection, network protocol analysis, evidence recovery, and incident response. Ability to manage external vendors in delivering security products, services, and initiatives. Proven leadership capabilities for both technical and non-technical teams. Excellent problem-solving skills and ability to work under pressure. Strong written and verbal communication skills, with the ability to engage with stakeholders at all levels. Deep understanding of attack chains, adversary tactics, emerging threats, and vulnerabilities. Strong knowledge of network security, authentication and access control, and secure application development. Strong technical, analytical, planning, and organizational skills. Core Competencies Lead and Support Others Strive for Excellence Challenge Boundaries with Confidence Empower Action and Foster Growth

At Kia, we're creating award-winning products and redefining what value means in the automotive industry. It takes a special group of individuals to do what we do, and we do it together. Our culture is fast-paced, collaborative, and innovative. Our people thrive on thinking differently and challenging the status quo. We are creating something special here, a culture of learning and opportunity, where you can help Kia achieve big things and most importantly, feel passionate and connected to your work every day. Kia provides team members with competitive benefits including premium paid medical, dental and vision coverage for you and your dependents, 401(k) plan matching of 100% up to 6% of the salary deferral, and paid time off. Kia also offers company lease and purchase programs, company-wide holiday shutdown, paid volunteer hours, and premium lifestyle amenities at our corporate campus in Irvine, California. Status Exempt Summary The Cloud Security Architect is responsible for ensuring Kia America (KUS) cloud-based information systems and data are protected from growing cybersecurity threats. This individual serves as the subject matter expert for cloud-based data protection strategies and works closely with related teams and affiliated IT companies. The Cloud Security Architect is engaged from the beginning of project planning through the full life cycle of a cloud solution including its eventual retirement. This architect also works to align KUS's cloud strategy with the global strategy created by Kia HQ's security team. Major Responsibilities 1st Priority - 20% Provides leadership to Kia America and affiliated IT companies on the design and implementation of cloud business solutions that protect sensitive company data when deployed into cloud environments (e.g., AWS, Azure, etc.). 2nd Priority - 20% Conducts regular security assessments and audits on KUS cloud environments to identify security vulnerabilities and make recommendations to mitigate them. 3rd Priority - 20% Ensures cloud security controls and compliance measures are implemented in accordance with local and global Kia guidelines, industry best practices and regulatory requirements (e.g., CPRA, HIPAA, ISO 27001:2022, etc.) 4th Priority - 20% Conducts investigations and create detailed reports on security threats and incidents involving the cloud environment. Recommends solutions to executive leadership as required and leads related team members and partners to a resolution, helping them understand why measures need to be put in place. 5th Priority - 10% Stays up-to-date with the latest trends and advancements in cloud security technology, regulations, and industry best practices. Continually updates cloud security plans, architecture, threats, vulnerabilities, and mitigation plans to ensure Kia's policies and technology are keeping pace with developing technology and threats. 6th Priority - 10% Consults with key stakeholders across all business departments and partners on information security matters. Education/Certification * Bachelor's degree in Computer Science, Information Technology, or a related field required. * Relevant Certification(s) such as AWS Certified Security Specialty and Certified Cloud Security Professional (CCSP) preferred. Overall Experience * 7+ years of experience in IT security, with at least 3 years focused on cloud security required. Directly Related Experience * Requires expert skills and extensive experience with Microsoft O365 and Azure cloud services as well as Microsoft security tools such as Azure Security Center, Azure Sentinel, and MS Defender. * Expert level experience with cloud security frameworks (e.g., AWS, Azure, Google Cloud) is required. * Experience implementing security standards (e.g., NIST, ISO 27001, CIS Top 18) is highly desirable. * Expert level hands-on proficiency with cloud security tools and technologies including network security, encryption, and identity management. * Experience working in a large, preferably multi-national corporations highly desirable. Other Requirements: * Must be proactive, self-motivated, and lead team to multiple concurrent solutions. * Occasional travel may be required domestically and/or internationally * Perform other duties as assigned Skills Ability to analyze technical architectures and identify security vulnerabilities then remediation efforts. Ability to demonstrate evidence recovery techniques, log data analytics, incident categories, IR event handling methodologies, intrusion detection systems, network protocol and packet analysis Ability to manage external vendors in the development and delivery of related products, programs, and services. Demonstrated leadership skills over technical and non-technical teams. Excellent problem-solving skills and the ability to work under pressure. Excellent verbal and written communication skills with the ability to communicate across all levels of an organization. Expert level knowledge and understanding of the attack chain, adversary tactics, techniques, and procedures, emerging threats and vulnerabilities. Solid understanding of secure application development, authentication and access control methods, and network security principles. Strong organizational, planning, analytical, and technical skills. Competencies Care for People Chase Excellence, Every Day Dare to Push Boundaries Empower People to Act Move Further, Together Pay Range $95,000 - $133,000 Pay will be based on several variables that are unique to each candidate, including but not limited to, job-related skills, experience, relevant education or training, etc. Equal Employment Opportunities KUS provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, ancestry, national origin, sex, including pregnancy and childbirth and related medical conditions, gender, gender identity, gender expression, age, legally protected physical disability or mental disability, legally protected medical condition, marital status, sexual orientation, family care or medical leave status, protected veteran or military status, genetic information or any other characteristic protected by applicable law. KUS complies with applicable law governing non-discrimination in employment in every location in which KUS has offices. The KUS EEO policy applies to all areas of employment, including recruitment, hiring, training, promotion, compensation, benefits, discipline, termination and all other privileges, terms and conditions of employment. Disclaimer: The above information on this job description has been designed to indicate the general nature and level of work performed by employees within this classification and for this position. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Nearest Major Market: Irvine California Nearest Secondary Market: Los Angeles Job Segment: Compliance, Developer, Computer Science, Cloud, Legal, Technology, Automotive

About League Founded in 2014, and with a total funding currently at $220 million; League is a platform technology company powering next-generation healthcare consumer experiences. Payers, providers, consumer health partners and employers build on League's platform to deliver high-engagement, personalized healthcare experiences consumers love. Millions of people use solutions powered by League to access, navigate and pay for care. The Role: The Director of Security is a senior leadership role responsible for establishing and maintaining a comprehensive information security program for League. This includes direct oversight of Security Operations (SecOps) and Product/Application Security teams. The successful candidate will be a strategic thinker with a strong technical background, capable of influencing without direct authority and working collaboratively across all departments to implement security measures that are proportionate to League's evolving needs and risk landscape. This role is pivotal in protecting League's assets, data, and reputation while enabling business objectives. What you will do: Build relationships with stakeholders in customer, engineering, and company organizations to influence decision making and manage expectations and escalations Collaborate closely with product leaders to influence product strategy, roadmap, and process Work with your teams to set clear and measurable objectives, and drive them to completion Build a high performing team through the ongoing development of current team members and leaders Develop and lead inclusive, welcoming, and effective recruiting processes Maintain relationships with senior leaders and colleagues throughout the company and our external partners, and represent engineering in cross-functional projects and to the company and partners. Proactively identify areas of improvement where engineering teams can make a difference and work with other teams to make those improvements happen Develop, implement, and maintain a strategic, comprehensive enterprise information security and risk management program to ensure the integrity, confidentiality, and availability of information. Lead and mentor the Security teams across operations and product security, ensuring effective incident detection, response, and recovery capabilities, including managing security monitoring tools and processes. Oversee the Product/Application Security program, embedding security best practices into the software development lifecycle (SDLC) from design to deployment, including code reviews, vulnerability assessments, and penetration testing. Collaborate with engineering, product, legal, IT, and other business units to ensure security is integrated into their processes and initiatives. Champion a culture of security awareness and responsibility throughout the organization. Develop and implement security policies, standards, and procedures that are practical, effective, and proportionate to League's business objectives and risk tolerance. Conduct regular risk assessments and security audits to identify vulnerabilities and ensure compliance with relevant regulations and standards. Manage security budgets and vendor relationships. Stay current with the latest security threats, technologies, and industry best practices. Provide regular reporting on the current status of the information security program to executive leadership and relevant stakeholders. Effectively influence stakeholders at all levels of the organization to adopt and support security initiatives, even without direct reporting lines. Foster a collaborative environment to achieve shared security objectives across the company. What you bring: Bachelor's degree in Computer Science, Information Security, or a related field. A Master's degree is a plus. Minimum of 10 years of experience in information security, with at least 5 years in a leadership or management role. Demonstrated experience in leading, managing, and delivering Security Operations (e.g., SIEM, incident response, threat intelligence) and Product/Application Security (e.g., secure SDLC, SAST/DAST, DevSecOps), Enterprise Security, and Identity Management functions. Proven experience in developing and implementing security strategies, policies, and programs. Strong understanding of common security frameworks and standards (e.g., HITRUST, NIST CSF, ISO 27001, SOC 2, PCI DSS). Relevant professional certifications are highly desirable (e.g., CISSP, CISM, CRISC, GIAC certifications). Experience working in a dynamic, fast-growing technology company is preferred. Deep understanding of cloud security principles and practices (e.g., AWS, Azure, GCP). Experience in influencing cross-functional teams and driving change in a collaborative manner. What We Offer: Comprehensive Health Benefits: We prioritize your well-being with complete medical, dental, and vision coverage Bonus Program: Be rewarded for your contributions with our performance-based bonus program Employee Stock Option Program: Become an owner and share in our success through our stock option program Unlimited Paid Time Off: Take the time you need to recharge and maintain a healthy work-life balance Spending Accounts: Manage your healthcare and dependent care expenses with tax-advantaged spending accounts Wellness Days: Prioritize your mental and physical health with dedicated wellness days throughout the year Growth Opportunities: We invest in your future with abundant opportunities for professional development and advancement Mentorship Program: Benefit from guidance and support from experienced leaders in your field Flexible Ways of Working: Enjoy the freedom to work in a way that suits your life and boosts your productivity Security-Related Responsibilities Responsibility and accountability for executing League's policies and procedures within the department/ team Notification of HR, Legal, Compliance & Security of any incidents, breaches or policy violations Compliance with Information Security Policies CANADA APPLICANTS ONLY: The Canada-specific compensation range below for this full-time position is exclusive of bonus, equity and benefits. This range reflects the minimum and maximum target for base salaries for the position across all Canadian locations. The salary range is intentional to account for the performance and career progressions a Leaguer will experience in the role throughout their time at League. Where in the band you may land is determined by job-related skills/experience. Your recruiter can share more about the specific salary range specific to your skills and experience during the hiring process. Compensation range for Canada applicants only$210,100—$262,000 CADOur employees come from different backgrounds, and we celebrate those differences. We are looking for the best candidates for our open roles, but do not expect applicants to meet every qualification in order to be considered. If you are excited about what you could accomplish at League and believe you can add value to our team, we would love to hear from you. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you are an individual in need of assistance at any time during our recruitment process, please contact us at *************************. Our Application Process: Applying to a role you love can be exhausting, and understanding the next steps can feel vague and uncertain. You have done the hard part of submitting your application; let's do ours by sharing potential next steps You should receive a confirmation email after submitting your application. A recruiter (not a computer) reviews all applications at League. If we see alignment with League's needs, a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring. The final step is an offer, which we hope you will accept! Prior to joining us, we conduct reference and background checks. Additional checks could be required for US Candidates, depending on the role you are exploring. Here are some additional resources to learn more about League: Learn about our platform, leadership team and partners Highmark Health, Google Cloud, League: new digital front door to seamless care Former Providence President and Workday EVP of Corporate Strategy join League Board of Directors League raises $95 million USD in Series C to build world's leading healthcare CX platform Forbes x League: The Platformization Of Healthcare Is Here Fast Company x League: If we want better innovations in healthtech, we need more competition Recognize and Avoid Employment scams. Practice safe job searching. Scammers are getting craftier and leveraging fake job postings to get personal information. Know the warning signs and protect yourself from scammers. Learn more here. Use of AI Notice We are committed to ensuring fairness and transparency throughout our hiring process. League may use Artificial Intelligence (AI) tools to assist in the screening of applicants for this position. Please check out our stance on using AI in recruitment here. Privacy Policy Review our Privacy Policy for information on how League is protecting personal data.

The Director of Information Security reports to the Chief Information Officer (CIO) and is responsible for information security policy assessments, enforcing compliance with firm security policies and applicable law, vendor management and security incident management. Working with the firm's Information Technology teams, including Network Operations, Customer Experience, Practice Services and Research, the Director of Information Security will help develop, manage, audit and enforce security related policies and procedures throughout the firm's enterprise on premise and cloud systems. REQUIRED KNOWLEDGE, SKILLS AND ABILITIES: Admin-level knowledge of Windows system administration and Active Directory. Knowledge of network security principals, best practices and industry standards. Knowledge of security models that maintain and enforce security policies. Expert understanding of cloud controls and environments, a strong foundation in IT solutions deployment and practical understanding of IT security compliance, risk management and information security principles including access control, network security, information security architecture, information security operations, and leading practices and associated tools in a cloud environment are critical. Experience with IT security, compliance, risk and privacy frameworks such as ISO 27001, NIST 800-53, HIPAA, GDPR, CCPA. Knowledge of security tools and concepts including: IDS/IPS; SIEM; Web Proxy; Encryption; Patch management; Vulnerability Scanning & Remediation; Forensics; Penetration Testing; DLP; Email Gateways; Anti-spam Services; MDM; Privileged Account Management; Log Analytics; Two Factor Authentication; Single Sign On. Individual must possess excellent communication and interpersonal skills with a high degree of empathy and emotional intelligence, be self-motivated with the ability to manage and prioritize multiple deliverables to meet deadlines and demonstrate proven success delivering results individually and as part of a team in a fast-paced, demanding, growth environment. JOB COMPETENCIES / SUCCESS FACTORS: Client-service orientation Pro-active problem solving Strong communication skills Work ethic and teamwork Leadership skills Interpersonal skills QUALIFICATIONS: 4+ years of experience working in an Information Security management role. CISSP certification Project management experience preferred Previous law firm experience highly desired

Are you a hands-on security leader ready to make a measurable impact in a mission-driven organization? We're looking for a Director of Information Security to lead and scale our security operations, incident response, and engineering efforts. In this role, you'll oversee our security ecosystem - from real-time monitoring to proactive threat hunting - and help shape the future of enterprise security at a growing company. This is a highly collaborative position where you'll work cross-functionally with teams across the business to protect our information assets, infrastructure, and services - especially within a SaaS and life sciences environment. What will you do? Shape and drive the enterprise security operations strategy in alignment with broader company goals. Serve as a trusted advisor to senior leadership on all things security. Manage our Security Operations Center (SOC), ensuring rapid incident detection, triage, and response. Oversee threat intelligence, vulnerability management, and operational risk mitigation initiatives. Partner with IT and engineering teams to deploy, tune, and optimize tools like SIEM, SOAR, EDR, and DLP. Implement automation and integrations that improve speed and efficiency. Lead cyber incident response efforts and continuously test and improve our disaster recovery and response plans. Coordinate cross-functional teams (e.g., Legal, HR, Communications) during major security events. Lead, mentor, and grow a high-performing team of security and infrastructure professionals. Support the development of a resilient, inclusive, and learning-driven culture across the department. Align programs with regulatory standards (HIPAA, SOX, GDPR, PCI-DSS) and frameworks (NIST, MITRE ATT&CK). Support audits and ensure documentation is ready and accurate. How will you get there? Bachelor's degree in Computer Science, Information Security, or related field (Master's a plus). 12+ years of relevant experience, including 4+ years leading teams in complex enterprise environments. Hands-on expertise in SOC management, incident response, and threat intelligence. Experience in the Medical Device, Life Sciences, or highly regulated industries preferred. Professional certifications such as CISSP, CISM, GIAC, or CEH. Proficiency with security tools including SIEM, EDR, SOAR, IDS/IPS, and vulnerability management platforms. Strong knowledge of cloud (AWS, Azure, GCP), Windows/Linux systems, and network protocols. Familiarity with security frameworks and standards (NIST, MITRE, ISO 27001). Proven ability to build, lead, and retain high-performing technical teams. A proactive, solutions-oriented mindset with excellent communication and collaboration skills. #GKOSUS

Are you a hands-on security leader ready to make a measurable impact in a mission-driven organization? We're looking for a Director of Information Security to lead and scale our security operations, incident response, and engineering efforts. In this role, you'll oversee our security ecosystem - from real-time monitoring to proactive threat hunting - and help shape the future of enterprise security at a growing company. This is a highly collaborative position where you'll work cross-functionally with teams across the business to protect our information assets, infrastructure, and services - especially within a SaaS and life sciences environment. What will you do? Shape and drive the enterprise security operations strategy in alignment with broader company goals. Serve as a trusted advisor to senior leadership on all things security. Manage our Security Operations Center (SOC), ensuring rapid incident detection, triage, and response. Oversee threat intelligence, vulnerability management, and operational risk mitigation initiatives. Partner with IT and engineering teams to deploy, tune, and optimize tools like SIEM, SOAR, EDR, and DLP. Implement automation and integrations that improve speed and efficiency. Lead cyber incident response efforts and continuously test and improve our disaster recovery and response plans. Coordinate cross-functional teams (e.g., Legal, HR, Communications) during major security events. Lead, mentor, and grow a high-performing team of security and infrastructure professionals. Support the development of a resilient, inclusive, and learning-driven culture across the department. Align programs with regulatory standards (HIPAA, SOX, GDPR, PCI-DSS) and frameworks (NIST, MITRE ATT&CK). Support audits and ensure documentation is ready and accurate. How will you get there? Bachelor's degree in Computer Science, Information Security, or related field (Master's a plus). 12+ years of relevant experience, including 4+ years leading teams in complex enterprise environments. Hands-on expertise in SOC management, incident response, and threat intelligence. Experience in the Medical Device, Life Sciences, or highly regulated industries preferred. Professional certifications such as CISSP, CISM, GIAC, or CEH. Proficiency with security tools including SIEM, EDR, SOAR, IDS/IPS, and vulnerability management platforms. Strong knowledge of cloud (AWS, Azure, GCP), Windows/Linux systems, and network protocols. Familiarity with security frameworks and standards (NIST, MITRE, ISO 27001). Proven ability to build, lead, and retain high-performing technical teams. A proactive, solutions-oriented mindset with excellent communication and collaboration skills. #GKOSUS

City: Los Angeles, CA Onsite/ Hybrid/ Remote: Hybrid (2 days a week onsite) Duration: 12 months Rate Range: Up to$85/hr on W2 depending on experience (no C2C or 1099 or sub-contract) Work Authorization: GC, USC, All valid EADs except OPT, CPT, H1BMust Have: Security Incident Response EDR/IDS/IPS (e.g., endpoint detection & response, intrusion detection/prevention) SIEM and SOAR tools Malware, memory, and disk forensics Linux/Unix and Windows administration Threat hunting and threat intelligence integration Scripting and automation (Python, PowerShell, etc.) Security certifications (GCIH, GSEC, or CYSA+) Responsibilities: Lead response efforts for cybersecurity incidents, including triage, investigation, containment, and recovery. Monitor and analyze security events using EDR/IDS/IPS and SIEM tools. Perform malware, memory, and disk forensic analysis during investigations. Configure and fine-tune detection technologies to improve signal fidelity and reduce false positives. Develop and maintain incident response strategies, playbooks, and automation workflows. Participate in a 24x7 on-call rotation to support continuous monitoring and rapid response. Collaborate with Security Engineering to design and improve detection, automation, and mitigation workflows. Evaluate and recommend emerging security technologies for adoption. Conduct vulnerability assessments, risk analysis, and red team-style threat hunts. Partner with business units to define and support enterprise security requirements and initiatives. Author documentation, training materials, and internal knowledge bases. Qualifications: Minimum 5 years of experience in a Security Operations role Active security certification (GCIH, GSEC, or CYSA+) Experience in leading incident response, including hands-on forensics and threat analysis Deep knowledge of security tools including SIEM, SOAR, EDR, IDS/IPS, HIDS/NIDS, WAF, and DNS security Proficiency with scripting and automation tools (e.g., Python, PowerShell) Expertise in Linux/Unix and Windows operating systems Familiarity with cryptography, data encryption, and DLP technologies Experience developing detection use cases and automated playbooks Strong communication skills with the ability to present to technical and non-technical audiences Demonstrated ability to work collaboratively in a fast-paced environment

Responsibilities: The key responsibilities of this position include development of network security design plans and the development of reference architectures and standards for secure networking across the enterprise. The position isresponsible for understanding and interpreting global business and technical security requirements in order to apply advanced next generation firewalling, encryption, access control and intrusion prevention technologies for global consumption. This includes participation in discovery, documentation, validation / refinement of forward-looking solutions (ex. Global Network Access Control and next-gen integrated Firewall and IPS strategy) while considering opportunities for re-use of standard solutions and technologies. - Develops and communicates network security infrastructure design plans, future strategic and tactical plans to aid in decision making activities that affect key network environments and initiatives. - Researches and recommends next generation network security technologies & products (ex. 802.1x port authentication, RADIUS, Application Firewalling, Intrusion Prevention Systems, etc.) - Collaborates with suppliers, Storage, Hosting, Facilities, IT Security and Client Services towers on network security solutions for development of advanced services to meet overall protection requirements. Designs customized solutions as required to support Business objectives. - Meets with vendors to discuss product strategy offerings, addresses technical issues/deficiencies and influences new products and services to meet growing and changing requirements. - Indirectly leads Sr. Network Security Engineers in key initiatives and ensures high quality and timeliness of deliverables. Qualifications -5-10 years in high-availability, 24x7 enterprise environments -Experience designing segmented networks -Strong TCP/IP -Securing firewalls (Palo Alto highly preferred in addition to others) -Knowledge of routing protocols, access control, encryption, intrusion prevention, authentication and firewalling -Firemon, SEIM, QRadar (operating these tools) -Knowledge of PCI (Someone who has been through a security audit and provided artifacts (NOT interested the person performing audits, but the person being audited & designing/implementing the solutions) -“Doers” not thinkers - patient, hard-working, sense of urgency Additional Information All your information will be kept confidential according to EEO guidelines.

As a Security Architect, you will provide security services support for a large enterprise network spanning approximately 140 sites. You will manage major application and site move and build projects in coordination with the team and the project manager. You will assist the Network Analyst with the creation of security-related reports, setting network monitor thresholds, and overseeing network health. You will respond to operational requests daily and act as the second level of escalation for incident resolution. Working closely with the Network Architect, you will review new technologies and standards and assist with the development of SOPs, runbooks, and other operational resources for the security team. You will report the regular status of projects and operational issues to the Service Delivery Manager (SDM). We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (****************************************** Og4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (*********************************************************************************************** . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: *************************************************** . Skills and Requirements Bachelors degree in Electrical Engineering, Systems Engineering, or a related field, with a minimum of 8 years of experience in network and cyber security. Alternatively, a high school diploma plus 12 years of relevant experience. Palo Alto Certification: PCNSA and/or PCNSE. Strong experience with Cisco Systems network, security, and datacenter products, including: Palo Altos Panorama and Firewalls Zscaler, ZIA, ZPA Cisco FTD, Firepower Cisco ASA Strong experience with Cisco ISE. Strong experience with Zscaler web proxy and VPN technologies. Experience designing and deploying security technologies. Experience designing and deploying load balancer and remote access solutions. Experience managing large application build and move projects. Strong background in Service and Change Management. Ability to present complex technical concepts in understandable language. Excellent oral and written communication skills. Cisco Certified Network Professional (CCNP) Security. Certified Information Systems Security Professional (CISSP). Experience creating and presenting project plans and designs. null We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to ********************.

Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours. Description & Requirements Currently, ManTech is actively seeking a motivated, customer oriented CSSE III to join our team in the El Segundo, CA area. The Cybersecurity System Security Engineer's primary function is working within Special Access Programs (SAPs) supporting SMC and AFSPC acquisition programs. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities to meet NIST Cybersecurity requirements for system assessment & authorization. Performance Shall Include Lead a team of System Security Engineers and Certification and Accreditation Analysts responsible for ensuring the customer's national and international security interests are protected as acquisition systems are designed and tested. Chair and or Co-Chair customer and SAP community Cybersecurity working groups, participate in SSE IPT reviews. Perform oversight of the development, implementation, and evaluation of information system security program policy; special emphasis placed upon integration of existing SAP network infrastructures. Provides expert level consultation and technical services on all aspects of Information Security. Review SSE related designs and provides security compliance recommendations. Develop and provide Cybersecurity risk management recommendations to the customer. Provide SSE support for Mission and Training systems design and development. Assist with development and maintenance of the Program Protection Plan & Cybersecurity Strategy. Assist with site activation activities and design reviews, to include test & evaluation of systems. Represent the Government Program Manager in various SSE related working groups, advisory groups, and advisory council meetings. Work directly with approval/accreditation authorities to obtain systems' Authorization to Operate. Basic Qualifications Bachelor's degree in a related discipline an additional 4 years of related experience may be accepted in lieu of degree. Minimum of 12 years total experience 8 years' experience with SCI or SAR environment. 4 years of SAP relevant experience highly desired. Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level 3 and Information Assurance Manager Level 3 within 6 months of the date of hire. CISSP Recommended. Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents. Full understanding of Risk Management Framework (RMF) and Joint SAP Implementation Guide (JSIG) processes for system accreditation, along with legacy (DITSCAP, DIACAP) processes. Security Clearance Requirements Current Top Secret Clearance with SCI Eligibility Eligibility for access to Special Access Program Information Willingness to submit to a polygraph. Preferred Requirements Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners. Working knowledge of Microsoft Office (Word, PowerPoint, and Excel) Possess a high degree of originality, creativity, initiative requiring minimal supervision. Willingness to travel within the organizational Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation) Physical Requirements Must be able to remain in a stationary position 50%. Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations. The projected compensation range for this position is $134,700.00-$224,700.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, ManTech invests in it's employees beyond just compensation. ManTech's benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, Short Term and Long Term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections. For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone. ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law. If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at **************. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access ***************************************** as a result of your disability. To request an accommodation please click ******************* and provide your name and contact information.

The LMU Information Technology Services team enables technologically-rich learning environments, provides effective teaching and scholarship resources and maintains reliable, accessible, and integrated information systems. This work is grounded in and supports the University' mission: * The encouragement of learning * The education of the whole person * The service of faith and the promotion of justice Under the general direction of the CIO/Vice President for Information Technology, the Director of Information Security and Compliance will drive the university's efforts to protect its information assets and ensure compliance with relevant regulations and standards. This role is pivotal in creating a secure and compliant digital environment that supports LMU's mission, values, and goals. The Director will leverage partnerships and collaboration to lead initiatives that result in measurable improvements in information security and compliance, fostering a culture of security awareness and proactive risk management. The Director will serve as the process owner of the appropriate second-line assurance activities not only related to confidentiality, integrity and availability, but also to the safety, privacy and recovery of information owned or processed by LMU in compliance with regulatory and university requirements. The Director will oversee the university's compliance with applicable laws, regulations, and policies related to information security and privacy. Position Specific Responsibilities/Accountabilities * Enhance Security Posture: Develop and implement a comprehensive information security program that significantly reduces risks and vulnerabilities across the university's digital landscape. * Ensure Regulatory Compliance: Achieve and maintain compliance with relevant regulations and standards, ensuring that LMU meets all legal and regulatory requirements. * Collaborative Protection: Work closely with various campus partners, external stakeholders, and community partners to ensure that information assets and associated technologies are protected, resulting in a cohesive, unified, and well understood approach to information security and compliance. * Risk Management: Conduct thorough risk assessments and implement effective mitigation strategies, leading to a demonstrable reduction in potential threats. * Incident Response: Oversee and improve incident response and recovery efforts, ensuring swift and effective investigation and resolution of security incidents. * Policy Development: Create and enforce robust policies and procedures that safeguard information assets, leading to a well-documented and easily accessible framework for information security. * Training and Awareness: Provide comprehensive training and guidance to staff on information security best practices, resulting in a well-informed and vigilant workforce. * Monitoring and Reporting: Continuously monitor and report on the effectiveness of the information security program, providing clear metrics and insights that demonstrate progress and areas for improvement. * Leadership and Strategy: Plan and manage the strategy, people, processes, tools, services, and resources necessary to effectively support the program and meet strategic goals. * Business Continuity and Disaster Recovery: Orchestrate a secure, robust, and highly reliable approach to providing ITS services, during and after a disaster or disruption, to minimize negative impacts to business operations and maintain essential services. * Data Governance: Oversee the university's data governance efforts, ensuring that data is managed securely and in compliance with university policies and legal requirements. Perform other related duties. Loyola Marymount University Expectations Exhibit behavior that supports the mission, vision, and values of the university. Communicate and employ interpersonal actions that model high standards of professional, responsible, accountable, and ethical conduct. Demonstrate a commitment to outstanding customer service. Requisite Qualifications * Typically a Bachelor's Degree from an accredited four-year institution in Computer Science, Information Technology, or Cybersecurity. * Seven years of experience ininformation security, with at least three years in a management role. * Professional certifications such as CISSP, CISM, or CISA are highly desirable. * Experience in developing and implementing technology policy, preferably in a University environment. * Strong knowledge of frameworks, standards, and best practices relating to Information Security, Privacy, Data Governance, and Business Continuity and Disaster Recovery Experience with regulatory compliance requirements (e.g., i.e. FERPA, HIPAA, GDPR, CCPA, and PCI-DSS). * Demonstrated excellent verbal and written communication skills, as well as presentation skills. Writing samples may be required. * Excellent leadership, analytical, problem-solving, and decision-making skills. * Strong communication and interpersonal skills, with the ability to effectively collaborate with diverse stakeholders. * Demonstrated ability to lead and manage a team of security professionals. The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of this position. #HERC# #HEJ# Staff Regular Salary range $143,100.00 - $200,300.00 Salary commensurate with education and experience. Loyola Marymount University, a Carnegie classified R2 institution in the mainstream of American Catholic higher education, seeks outstanding applicants who value its mission and share its commitment to inclusive excellence, the education of the whole person, and the building of a just society. LMU is an equal opportunity employer committed to providing an environment free from discrimination and harassment as defined by federal, state and local law. We invite all persons in the full diversity of their being, life experience, and beliefs to apply. (Visit *********** for more information.)

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our cybersecurity team is seeking a Senior Information Systems Security Officer (ISSO) to support our team 100% onsite at our facility in El Segundo, California. The successful candidate will interface with the Information Systems Security Manager (ISSM) to ensure adherence with NIST Special Publications, customer directives, and company policies as applicable all NISPOM Chapter 8, DAAPM, JSIG policies. What You Will Do * Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness. * Investigating information system security violations and help prepare reports specifying corrective and preventative actions. * Reviewing and approving (within authority) configuration management requests. * Conducting technical and administrative assessments. * Integrating new cybersecurity processes, procedures, and tools. * Support the creation, review and update of cybersecurity documentation and other technical writing. Qualifications You Must Have * Typically requires a Bachelors Degree and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years' experience. * Current IAM Level I certification (Security+ or other). * Relevant Experience Considered in any combination: * Cybersecurity, systems security or hardening * Information Technology * Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA * Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics) * Physical security/security, policework/criminal justice, investigations, or Border Patrol * Project or program management, office management, senior administration, or account management * Active and transferable U.S. government issued Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance. Qualifications We Prefer * Experience working in DoD classified operating and/or laboratory environments. * Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc. * Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry. * Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF). * Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT). * Familiarity with large multi-facility networks including various complex components, including Windows and Linux environments. * Experience interpreting, implementing, and assessing DISA STIGs. * Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication. What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. Relocation Non-Eligible - Relocation assistance not available Please consider the following role type definition as you apply for this role: * Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. We are RTX #LI-Onsite The salary range for this role is 90,000 USD - 182,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Millennium Space Systems, A Boeing Company delivers affordable, high-performance space systems for exacting customers. At Millennium, you will be part of a close-knit team working on exciting technological problems. We work in an open environment where ideas are shared across all disciplines, and there are ample opportunities for advancement based on excellence. Superstars are welcome. At Millennium, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company committed to fostering an environment for every teammate that's welcoming, respectful and innovative, with great opportunities for professional growth. Find your future with us. Job Summary As an Information Systems Security Officer (ISSO) at Millennium Space Systems, you ensure that the classified and controlled systems Millennium is responsible for comply with all customer-defined security requirements and applicable federal regulations. This position's internal job code is Info Sec & Governance Spec. Our team is currently hiring for level 2. Responsibilities Perform daily and weekly information assurance activities, such as auditing, and working with the IT team to patch classified systems with the goal of maintaining all systems in compliance with corporate and government directives, regulations, and policies Create new and manage existing assessment and authorization packages and perform all tasks necessary to obtain and maintain authorization to operate (ATO). This includes items such as the implementation of security controls, writing procedures for, and conducting certification testing, facilitating third party certification and penetration testing, addressing plan of action and milestones (POA&M) items, and continuous monitoring activities Ensure system authorization packages take into consideration the requirements of government agencies and the owner/users of the systems such as program managers, system engineers, and developers Design and implement technical security controls for new and existing systems Participate in or lead planning and executing risk management activities such as disaster recovery, continuity of operations, and incident response Participate in or lead computer forensic activities such as using tools and techniques for attack reconstruction, root cause analysis, and providing solutions/recommendations Minimum Qualifications This position requires at a minimum an active Secret clearance pre-start. 2 years of experience within the IT and/or InfoSec industry Certification(s) and experience commensurate with Information Assurance Manager Level I (IAM Level I) as specified by DoDD 8140 Experience in classified environments (e.g.: Collateral, SCI, SAP) Working knowledge of the Risk Management Framework as provided by NIST Special Publication (SP) 800-37, controls provided in NIST SP 800-53, and assessments provided by NIST SP 800-53A and derived policies, such as the Intelligence Community Directive Number 503 (ICD-503) or the Joint Special Access Program (SAP) Implementation Guide (JSIG) Working knowledge and experience with completing and submitting accreditation or assessment and authorization packages Ability to audit and verify security controls as part of industry standard system hardening or in accordance with customer or government requirements Ability to communicate complex concepts with senior management, technical personnel, and external entities including senior representatives of the US Government and teammates Ability to audit, scan for vulnerabilities, and continuously monitor mixed computer system environments using vulnerability scanners, SIEMs, and various scripting languages Preferred Qualifications Ability to participate in or manage Computer Incident Response Team (CIRT) activities, including computer forensic analysis Ability to analyze network traffic using common security devices such as wireshark, tcpdump, firewalls, and intrusion detection systems Summary Pay-Range Please note that the salary information shown below is a general guideline only of what is reasonably expected to be paid for the position. Salaries are based upon candidate experience and qualifications, as well as market and business considerations. Level 2: $38.41 - $56.49 Before applying, please note: Millennium is DDTC-registered, ITAR-compliant Company. This position is located at a facility that requires special access. Applicants MUST be U.S. citizens and eligible for a security clearance. Additionally, applicants must be willing to apply for and maintain a security clearance. We encourage all interested candidates to apply for any open position for which they feel they are qualified. Applicant Privacy Policy Mandatory Security Clearance and Access Process Disqualifying Criteria

Are you a hands-on security leader ready to make a measurable impact in a mission-driven organization? We're looking for a Director of Information Security to lead and scale our security operations, incident response, and engineering efforts. In this role, you'll oversee our security ecosystem - from real-time monitoring to proactive threat hunting - and help shape the future of enterprise security at a growing company. This is a highly collaborative position where you'll work cross-functionally with teams across the business to protect our information assets, infrastructure, and services - especially within a SaaS and life sciences environment. What will you do? * Shape and drive the enterprise security operations strategy in alignment with broader company goals. * Serve as a trusted advisor to senior leadership on all things security. * Manage our Security Operations Center (SOC), ensuring rapid incident detection, triage, and response. * Oversee threat intelligence, vulnerability management, and operational risk mitigation initiatives. * Partner with IT and engineering teams to deploy, tune, and optimize tools like SIEM, SOAR, EDR, and DLP. * Implement automation and integrations that improve speed and efficiency. * Lead cyber incident response efforts and continuously test and improve our disaster recovery and response plans. * Coordinate cross-functional teams (e.g., Legal, HR, Communications) during major security events. * Lead, mentor, and grow a high-performing team of security and infrastructure professionals. * Support the development of a resilient, inclusive, and learning-driven culture across the department. * Align programs with regulatory standards (HIPAA, SOX, GDPR, PCI-DSS) and frameworks (NIST, MITRE ATT&CK). * Support audits and ensure documentation is ready and accurate. How will you get there? * Bachelor's degree in Computer Science, Information Security, or related field (Master's a plus). * 12+ years of relevant experience, including 4+ years leading teams in complex enterprise environments. * Hands-on expertise in SOC management, incident response, and threat intelligence. * Experience in the Medical Device, Life Sciences, or highly regulated industries preferred. * Professional certifications such as CISSP, CISM, GIAC, or CEH. * Proficiency with security tools including SIEM, EDR, SOAR, IDS/IPS, and vulnerability management platforms. * Strong knowledge of cloud (AWS, Azure, GCP), Windows/Linux systems, and network protocols. * Familiarity with security frameworks and standards (NIST, MITRE, ISO 27001). * Proven ability to build, lead, and retain high-performing technical teams. * A proactive, solutions-oriented mindset with excellent communication and collaboration skills. #GKOSUS

Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours. Currently, ManTech is actively seeking a motivated, customer oriented CSSE III to join our team in the El Segundo, CA area. The Cybersecurity System Security Engineer's primary function is working within Special Access Programs (SAPs) supporting SMC and AFSPC acquisition programs. The position will provide "day-to-day" support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities to meet NIST Cybersecurity requirements for system assessment & authorization. Performance shall include: Lead a team of System Security Engineers and Certification and Accreditation Analysts responsible for ensuring the customer's national and international security interests are protected as acquisition systems are designed and tested. Chair and or Co-Chair customer and SAP community Cybersecurity working groups, participate in SSE IPT reviews. Perform oversight of the development, implementation, and evaluation of information system security program policy; special emphasis placed upon integration of existing SAP network infrastructures. Provides expert level consultation and technical services on all aspects of Information Security. Review SSE related designs and provides security compliance recommendations. Develop and provide Cybersecurity risk management recommendations to the customer. Provide SSE support for Mission and Training systems design and development. Assist with development and maintenance of the Program Protection Plan & Cybersecurity Strategy. Assist with site activation activities and design reviews, to include test & evaluation of systems. Represent the Government Program Manager in various SSE related working groups, advisory groups, and advisory council meetings. Work directly with approval/accreditation authorities to obtain systems' Authorization to Operate. Basic Qualifications: Bachelor's degree in a related discipline an additional 4 years of related experience may be accepted in lieu of degree. Minimum of 12 years total experience 8 years' experience with SCI or SAR environment. 4 years of SAP relevant experience highly desired. Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level 3 and Information Assurance Manager Level 3 within 6 months of the date of hire. CISSP Recommended. Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents. Full understanding of Risk Management Framework (RMF) and Joint SAP Implementation Guide (JSIG) processes for system accreditation, along with legacy (DITSCAP, DIACAP) processes. Security Clearance: Current Top Secret Clearance with SCI Eligibility Eligibility for access to Special Access Program Information Willingness to submit to a Counterintelligence polygraph. Preferred Requirements: Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners. Working knowledge of Microsoft Office (Word, PowerPoint, and Excel) Possess a high degree of originality, creativity, initiative requiring minimal supervision. Willingness to travel within the organizational Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation) Physical Requirements: Must be able to remain in a stationary position 50%. Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.